- What is the severity of CVE-2025-2566?
- CVE-2025-2566 has been scored as a critical severity vulnerability.
- How to fix CVE-2025-2566?
- To fix CVE-2025-2566: Kaleris recommends users to implement the following versions or later: * Navis N4: Version 3.1.44+ * Navis N4: Version 3.2.26+ * Navis N4: Version 3.3.27+ * Navis N4: Version 3.4.25+ * Navis N4: Version 3.5.18+ * Navis N4: Version 3.6.14+ * Navis N4: Version 3.7.0+ * Navis N4: Version 3.8.0+ If users are unable to update, Kaleris recommends following these mitigations: * If N4 does not need to be exposed to the internet, placing it behind a firewall. * If CAP needs to be exposed to the internet, disable the Ultra Light Client on the nodes being exposed. This can be done by blocking the Ultra Light Client URLs in the load balancer or firewall by blocking the following patterns: "url-pattern*.jnlp
- Is CVE-2025-2566 being actively exploited in the wild?
- As for now, there are no information to confirm that CVE-2025-2566 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
- What software or system is affected by CVE-2025-2566?
- CVE-2025-2566 affects Kaleris Navis N4.